Senior Analyst - Cyber Threat Modeling and Risk
eqbank · Toronto, Canada
About The Role
Join a Challenger
At EQB, we're remaking banking so every Canadian gets ahead, every day. Serving nearly 4 million Canadians from coast to coast, we offer a wide variety of financial services from banking and lending, to trust and credit union solutions. And as the exclusive financial partner of Loblaw Companies Limited's PC Optimum™ loyalty program, we're woven into the daily lives of more than 18 million members across Canada.
We've been at this since 1970, challenging the conventions of traditional banking with smarter, faster, and more connected financial experiences.
What's kept us moving? The people behind it all: challengers who ask better questions, push back on old assumptions, and look for a better way forward.
If you're driven to help reshape how banking works for Canadians and the businesses that power our economy, this could be your next big opportunity. We can’t wait to get to know you!
We can’t wait to get to know you!
The Work
The Senior Analyst - Cyber Threat Modeling and Risk supports the Threat Modeling and Risk Assessment program by assisting with the identification, assessment, and tracking of cyber security risks across technology. The role works under the guidance of senior team members to help ensure appropriate security controls are identified early in the design lifecycle, enabling secure and resilient technology solutions while supporting business growth.
The Core Responsibilities!
- Provide security advisory support to technology and business teams under supervision.
- Help conduct threat modeling and security assessments for applications and infrastructure.
- Review solution designs with senior analysts and SMEs to identify threats, attack paths, and risks.
- Document outputs like data flow and architecture diagrams, along with basic threat scenarios.
- Assist in tracking and addressing design flaws and security findings from threat modeling.
- Support onboarding of security services (e.g., MFA, logging, vulnerability scanning) guided by senior team members.
- Keep accurate records in risk tracking repositories.
- Aid continuous improvement of threat modeling processes, templates, and documentation.
- Build foundational knowledge of the organization’s enterprise security frameworks, policies, and standards.
- Review solution designs for risk and threat assessment.
- Record risks, threat scenarios, and control gaps in tracking tools.
- Track remediation actions and assist risk discussions with stakeholders.
- Build knowledge of cyber security controls and their technology applications.
Let's Talk About You!
- A college diploma or university degree in Computer Science, Information Technology, Cyber Security, or a related discipline is required.
- 2–3 years of experience in information security, IT risk, or technology roles is preferred.
- Foundational understanding of threat modeling concepts or methodologies; practical experience is an asset.
- Basic understanding of application security principles and common vulnerabilities (e.g., OWASP Top 10).
- Exposure to cloud and hybrid environments is an asset.
- Ability to support IT security risk assessments and document findings clearly.
- Familiarity with security diagrams and documentation such as data flow diagrams and architecture diagrams.
- Understanding of APIs, CI/CD pipelines, or secure software development practices is an asset.
- Strong communication, documentation, and collaboration skills.
- Interest in pursuing security certifications (e.g., Security+, CCSP, CISSP in future) is an asset.
This listing was posted by a verified recruiter at eqbank. Report this listing
JobSpring